Task #61
Scripts for managing svn authz
100%
Description
Issue
DataONE accounts and groups are managed through LDAP, however there is no mechanism for directly managing subversion access control groups from LDAP. Instead, a svn authz file needs to be created and updated each time a change to LDAP is made.
Resolution
Create a script that generates an svn authz file based on the LDAP groups. The scripts should be executable through cron (at a high frequency, e.g every 10 minutes to minimize latency) or hooked into the user management functions of plone.
Can probably modify existing "listusers" script from dataone tools. Also "lots of perl scripts" are regularly used by the NCEAS folks, so could probably adapt something form there.
History
#1 Updated by Matthew Jones about 15 years ago
Note that changing the svn authz file only affects subversion. Ideally, we would also want to configure trac with the same groups by adding the users to the appropriate groups in trac (which I have done with the web ui or via the trac-admin utility).
#2 Updated by Roger Dahl about 15 years ago
- Status changed from New to Closed
Found script online: sync_ldap_groups_to_svn_authz.py (GPL).
Set up script with valid call that filters on dataone groups.
